| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Aug 2016 14:47:23 +0530
From: "Naveen N. Rao" <naveen.n.rao@...ux.vnet.ibm.com>
To: Ravi Bangoria <ravi.bangoria@...ux.vnet.ibm.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>
Cc: linux-kernel@...r.kernel.org, peterz@...radead.org,
mingo@...hat.com, alexander.shishkin@...ux.intel.com,
mhiramat@...nel.org, wangnan0@...wei.com,
hemant@...ux.vnet.ibm.com, Michael Petlan <mpetlan@...hat.com>
Subject: Re: [PATCH v2 2/2] perf uprobe: Skip prologue if program compiled
without optimization
On 2016/08/03 02:28PM, Ravi Bangoria wrote:
> Function prologue prepares stack and registers before executing function
> logic. When target program is compiled without optimization, function
> parameter information is only valid after prologue. When we probe entrypc
> of the function, and try to record function parameter, it contains
> garbage value.
>
> For example,
> $ vim test.c
> #include <stdio.h>
>
> void foo(int i)
> {
> printf("i: %d\n", i);
> }
>
> int main()
> {
> foo(42);
> return 0;
> }
>
> $ gcc -g test.c -o test
> $ objdump -dl test | less
> foo():
> /home/ravi/test.c:4
> 400536: 55 push %rbp
> 400537: 48 89 e5 mov %rsp,%rbp
> 40053a: 48 83 ec 10 sub -bashx10,%rsp
> 40053e: 89 7d fc mov %edi,-0x4(%rbp)
> /home/ravi/test.c:5
> 400541: 8b 45 fc mov -0x4(%rbp),%eax
> ...
> ...
> main():
> /home/ravi/test.c:9
> 400558: 55 push %rbp
> 400559: 48 89 e5 mov %rsp,%rbp
> /home/ravi/test.c:10
> 40055c: bf 2a 00 00 00 mov -bashx2a,%edi
> 400561: e8 d0 ff ff ff callq 400536 <foo>
> /home/ravi/test.c:11
>
> $ ./perf probe -x ./test 'foo i'
> $ cat /sys/kernel/debug/tracing/uprobe_events
> p:probe_test/foo /home/ravi/test:0x0000000000000536 i=-12(%sp):s32
>
> $ ./perf record -e probe_test:foo ./test
> $ ./perf script
> test 5778 [001] 4918.562027: probe_test:foo: (400536) i=0
>
> Here variable 'i' is passed via stack which is pushed on stack at
> 0x40053e. But we are probing at 0x400536.
>
> To resolve this issues, we need to probe on next instruction after
> prologue. gdb and systemtap also does same thing. I've implemented
> this patch based on approach systemtap has used.
>
> After applying patch:
>
> $ ./perf probe -x ./test 'foo i'
> $ cat /sys/kernel/debug/tracing/uprobe_events
> p:probe_test/foo /home/ravi/test:0x0000000000000541 i=-4(%bp):s32
>
> $ ./perf record -e probe_test:foo ./test
> $ ./perf script
> test 6300 [001] 5877.879327: probe_test:foo: (400541) i=42
>
> No need to skip prologue for optimized case since debug info is correct
> for each instructions for -O2 -g. For more details please visit:
> https://bugzilla.redhat.com/show_bug.cgi?id=612253#c6
>
> Signed-off-by: Ravi Bangoria <ravi.bangoria@...ux.vnet.ibm.com>
> ---
> Changes in v2:
> - Skipping prologue only when any ARG is either C variable, $params
> or $vars.
> - Probe on line(:1) may not be always possible. Recommend only address
> to force probe on function entry.
>
> tools/perf/util/probe-finder.c | 164 +++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 164 insertions(+)
This fixes the uprobe issue reported by Michael Petlan:
https://www.mail-archive.com/linux-perf-users@vger.kernel.org/msg02348.html
Acked-by: Naveen N. Rao <naveen.n.rao@...ux.vnet.ibm.com>
Powered by blists - more mailing lists